Page MenuHomeFreeBSD

Fix possible panic during ifnet detach in rtsock
ClosedPublic

Authored by ae on Nov 26 2018, 11:36 AM.

Details

Summary

This patch is targeted to fix possible panic in rtsock code, that can happen during ifnet detach.

The panic can happen, when some application does dump of routing table using sysctl interface. To prevent this, I set IFF_DYING flag in if_detach_internal() function, when ifnet under lock is removed from the chain. In sysctl_rtsock() take IFNET_RLOCK_NOSLEEP() to prevent ifnet detach during routes enumeration. In case, if some interface was detached in time before we take the lock, add the check, that ifnet is not DYING. This prevents access to memory that could be freed after ifnet is unlinked.

The change can be MFCed to stable/11, since the logic and macro name is still the same.

Diff Detail

Repository
rS FreeBSD src repository
Lint
Lint Skipped
Unit
Unit Tests Skipped
Build Status
Buildable 21209

Event Timeline

ae created this revision.Nov 26 2018, 11:36 AM
bz added a subscriber: bz.Nov 26 2018, 2:13 PM
bz added inline comments.
sys/net/rtsock.c
1556–1558

Do you want to assert that the locks are held as expected in here?

1928

Can you please commit the whitespace changes separately?

ae marked an inline comment as done.Nov 26 2018, 9:24 PM
ae updated this revision to Diff 51135.

Added IFNET_RLOCK_NOSLEEP_ASSERT(). Removed whitespace changes.

ae marked 2 inline comments as done.Nov 26 2018, 9:24 PM
ae added inline comments.
sys/net/rtsock.c
1556–1558

I can add IFNET_RLOCK_NOSLEEP_ASSERT() here, but adding of RIB_LOCK_ASSERT() needs more intrusive change.

bz accepted this revision.Nov 27 2018, 12:06 AM
This revision is now accepted and ready to land.Nov 27 2018, 12:06 AM
ae marked an inline comment as done.Nov 27 2018, 9:04 AM
This revision was automatically updated to reflect the committed changes.